click1.info2.eaglefinancialpublications.com Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view
Effective URL:
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D
Submission: On October 02 via api (October 2nd 2024, 10:09:36 pm UTC) from BE — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.info2.eaglefinancialpublications.com.

This is the only time click1.info2.eaglefinancialpublications.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:26d... 2600:9000:26db:ce00:0:9845:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
11	6

4 74.214.203.11 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)

click1.info2.eaglefinancialpublications.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:ce00:0:9845:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2r7cfber3va4h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh7-rt.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ci3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	84 KB
4	eaglefinancialpublications.com 2 redirects click1.info2.eaglefinancialpublications.com	30 KB
2	googleusercontent.com lh7-rt.googleusercontent.com — Cisco Umbrella Rank: 733 ci3.googleusercontent.com — Cisco Umbrella Rank: 477	14 KB
2	cloudfront.net d2r7cfber3va4h.cloudfront.net	648 KB
0	efeedbacktrk.com Failed b39049.efeedbacktrk.com Failed
11	5

	Domain	Requested by
4	connect.facebook.net	click1.info2.eaglefinancialpublications.com connect.facebook.net
4	click1.info2.eaglefinancialpublications.com	2 redirects
2	d2r7cfber3va4h.cloudfront.net	click1.info2.eaglefinancialpublications.com
1	ci3.googleusercontent.com	click1.info2.eaglefinancialpublications.com
1	lh7-rt.googleusercontent.com	click1.info2.eaglefinancialpublications.com
0	b39049.efeedbacktrk.com Failed	click1.info2.eaglefinancialpublications.com
11	6

This site contains no links.

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D
Frame ID: E3AB06FB9244E0400664C7EA45C74699
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How Bryan Perry has averaged 342.17% per year since 2017

Page URL History Show full URLs

http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmq... HTTP 307
https://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmq... HTTP 307
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmq... Page URL
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

11
Requests

36 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

774 kB
Transfer

1275 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view HTTP 307
https://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view HTTP 307
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view Page URL
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view HTTP 307
https://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view HTTP 307
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 4

http://click1.info2.eaglefinancialpublications.com/hmbbplcvlqszjcwlzsrdgzfcpbzqhbfvslghbprzwqhn~djgcrphtjm.gif HTTP 302
https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6270

Request Chain 6

http://click1.info2.eaglefinancialpublications.com/bblfmsgpsljyvgqsyjkntyzgmfylcfzpjstcfmkyqlcp~djgcrphtjm.gif HTTP 302
https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6271

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

ViewMessage.do Show response
click1.info2.eaglefinancialpublications.com/
Redirect Chain

http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view
https://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view
http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view

3 KB
3 KB

138ms
138ms

Document
text/html

74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 7b98920f240028588bc659737f6ee705c68dc620ac2579f6266cc8aaf725830d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Wed, 02 Oct 2024 22:09:31 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

Redirect headers

Location: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

66ms
30ms

Script
application/x-javascript

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.info2.eaglefinancialpublications.com
URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view

Protocol

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c744132c5e8140250bcd560417eb7a66e121aa517e30a9b8771f6ca17f7cb80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

content-md5: CRpnCGsY10PBqozkB5xyCg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "52436b4b767021072c8722cf1abac907"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 22:11:06 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Wed, 02 Oct 2024 22:09:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 78358e89bfbb16588765538267158236
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: BvXqpMG0kjx7HuV1kxPXBithjfhNthm+LQ0OEZfDixqJomhqH9m4OW/Im2i4kIUq0oBsolPWXyhl/fotQvHKiA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H3 200 all.js
connect.facebook.net/en_US/ 291 KB
82 KB 69ms
34ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=2f4b2027ce68c31166ef09107cdfad59

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: http://click1.info2.eaglefinancialpublications.com
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

content-md5: AAIvuku02JI4xE+EiR4WQg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "c2918d7894494203ef545c688c46e44f"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 20:31:03 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 02 Oct 2024 22:09:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 5743fcb8568695e6c1eaebc1191357b7
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: QQhcBBaXkQyRuuEFWl7zH/4rmE3TaSq9lBWMpUvdPGfqah/T6FYoJqv/WOItiL3Xsj+68arRwDgHRufNrze9FA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 83681

POST
H/1.1 200
OK Primary Request ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D Show response
click1.info2.eaglefinancialpublications.com/ 26 KB
26 KB 199ms
198ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a56d105e9273e6d9be48879a7ca69fb696af0ef3391db3f4526afeee1a62955d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://click1.info2.eaglefinancialpublications.com
Referer: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do?m=tcvcplmvp&r=ucyngqwhcf&s=kllmqbvlbhrwvsbrkzgpvqmhdmplrbgdmqk&q=1727881200&a=view
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Wed, 02 Oct 2024 22:09:31 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H3

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
0

0ms
0ms

Script
application/x-javascript

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.info2.eaglefinancialpublications.com
URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D

Protocol

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c744132c5e8140250bcd560417eb7a66e121aa517e30a9b8771f6ca17f7cb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

content-md5: CRpnCGsY10PBqozkB5xyCg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "52436b4b767021072c8722cf1abac907"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 02 Oct 2024 22:11:06 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=1200s
date: Wed, 02 Oct 2024 22:09:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 78358e89bfbb16588765538267158236
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: BvXqpMG0kjx7HuV1kxPXBithjfhNthm+LQ0OEZfDixqJomhqH9m4OW/Im2i4kIUq0oBsolPWXyhl/fotQvHKiA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H2

200

6270
d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/
Redirect Chain

http://click1.info2.eaglefinancialpublications.com/hmbbplcvlqszjcwlzsrdgzfcpbzqhbfvslghbprzwqhn~djgcrphtjm.gif
https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6270

334 KB
335 KB

141ms
53ms

Image
image/jpg

2600:9000:26db:ce00:0:9845:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6270
Requested by: Host: click1.info2.eaglefinancialpublications.com
URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D
Protocol: H2
Server: 2600:9000:26db:ce00:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecba86e49383504c58fd380aa7e232834164ec3786f8cd8c1f0dbd84b8d3106f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

x-amz-version-id: TKslY5rnzn81Pm.vQp0btdXWstEtnuO7
etag: "0ed6a10ab725e751fd5c088922e7c445"
age: 25629
via: 1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 342128
x-amz-cf-id: VhHkhyyrXneSh_O4XM8GcwKeIkViXROZUpRVarYkPF3QDzuCURs4rg==
date: Wed, 02 Oct 2024 15:02:24 GMT
content-type: IMAGE/jpg
last-modified: Wed, 02 Oct 2024 14:06:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256

Redirect headers

Location: https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6270
Keep-Alive: timeout=60
Content-Length: 0
Date: Wed, 02 Oct 2024 22:09:31 GMT
Content-Type: text/html;charset=utf-8
Server: Apache-Coyote/1.1
Connection: Keep-Alive

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 291 KB
0 69ms
34ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=2f4b2027ce68c31166ef09107cdfad59

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4437ee2f0da8eaefdd40c22f580bfc4ec6c9ea7745e8eaed51c7ff37bd472a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: http://click1.info2.eaglefinancialpublications.com
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

content-md5: AAIvuku02JI4xE+EiR4WQg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "c2918d7894494203ef545c688c46e44f"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 20:31:03 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 02 Oct 2024 22:09:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 5743fcb8568695e6c1eaebc1191357b7
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: QQhcBBaXkQyRuuEFWl7zH/4rmE3TaSq9lBWMpUvdPGfqah/T6FYoJqv/WOItiL3Xsj+68arRwDgHRufNrze9FA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 83681

GET
H2

200

6271
d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/
Redirect Chain

http://click1.info2.eaglefinancialpublications.com/bblfmsgpsljyvgqsyjkntyzgmfylcfzpjstcfmkyqlcp~djgcrphtjm.gif
https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6271

312 KB
313 KB

136ms
53ms

Image
image/png

2600:9000:26db:ce00:0:9845:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6271
Requested by: Host: click1.info2.eaglefinancialpublications.com
URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D
Protocol: H2
Server: 2600:9000:26db:ce00:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d6456c47706354e61eb81131771feb690a10246ee775c90b0939b6e83a57c5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

x-amz-version-id: 26_CN1kuhVwL46dFn2rF.rUNOHI8gZxK
etag: "dafca97db295769ab32c997a0fba60ea"
age: 25629
via: 1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 319599
x-amz-cf-id: rvLAKmwiQxKmrt5U2h3-wuFE_b4HgZkoy4zLq_p803x2GmIbGuaCaQ==
date: Wed, 02 Oct 2024 15:02:24 GMT
content-type: IMAGE/png
last-modified: Wed, 02 Oct 2024 14:17:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256

Redirect headers

Location: https://d2r7cfber3va4h.cloudfront.net/3CA51A24-B56A-4DEF-95C3-273914AF73CD/6271
Keep-Alive: timeout=60
Content-Length: 0
Date: Wed, 02 Oct 2024 22:09:32 GMT
Content-Type: text/html;charset=utf-8
Server: Apache-Coyote/1.1
Connection: Keep-Alive

GET
H2 200 AD_4nXccYiJDbErCedvNcIIL4AFhDP_oqVkkFTTK-_fJgqSPXCaZeW9JgVnT58Qd0ZJIkti_KZK-l2DsLKN8SL-ucDaYejqiCcxFdXrcgsHU2HCohvjD3w1WCKHZOlaZppp4TL1FVMIq1Ff3VLMkAQ9rsjmiZ55hytRKptggpfxjRNTY3XjTiczES-E
lh7-rt.googleusercontent.com/docsz/ 11 KB
12 KB 113ms
31ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-rt.googleusercontent.com/docsz/AD_4nXccYiJDbErCedvNcIIL4AFhDP_oqVkkFTTK-_fJgqSPXCaZeW9JgVnT58Qd0ZJIkti_KZK-l2DsLKN8SL-ucDaYejqiCcxFdXrcgsHU2HCohvjD3w1WCKHZOlaZppp4TL1FVMIq1Ff3VLMkAQ9rsjmiZ55hytRKptggpfxjRNTY3XjTiczES-E?key=ZOtsZ5IurjpJc2HuA96fdQ

Requested by

Host: click1.info2.eaglefinancialpublications.com
URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c74ec1645fef0f7b899725b13c4f99fabfa235f252beda8c188daad181dc6a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v0"
age: 10362
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 19:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 02 Oct 2024 19:16:50 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11651
x-xss-protection: 0
server: fife

GET
H2 200 ADKq_NbxcszDrLvUUo4nBBZan7On-prDDGsiztuhupb7QZiL4m4dVf991-4RvvaCsHn5EUnZP4bR0mCWz_HzgJ_935G9OaC40xENbnMXi5v7ukOfYnK6snJSUW4dg8TxZumBhraYBo18oSkiIsl6yirur8XNCwEyNpGNiUMxc2YUqFPrxmLX=s0-d-e1-ft
ci3.googleusercontent.com/meips/ 2 KB
2 KB 341ms
260ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ci3.googleusercontent.com/meips/ADKq_NbxcszDrLvUUo4nBBZan7On-prDDGsiztuhupb7QZiL4m4dVf991-4RvvaCsHn5EUnZP4bR0mCWz_HzgJ_935G9OaC40xENbnMXi5v7ukOfYnK6snJSUW4dg8TxZumBhraYBo18oSkiIsl6yirur8XNCwEyNpGNiUMxc2YUqFPrxmLX=s0-d-e1-ft

Requested by

Host: click1.info2.eaglefinancialpublications.com
URL: http://click1.info2.eaglefinancialpublications.com/ViewMessage.do;jsessionid=C06816A4185DFEAF2D84054CC99EFE7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f384953d179b36e19af1c35b101245196efa72f3326be5bdc2044304ef071a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://click1.info2.eaglefinancialpublications.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: private, max-age=86400, no-transform, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1640
date: Wed, 02 Oct 2024 22:09:32 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: attachment;filename="unnamed.gif"

GET wddvmtgdtlwbkgstbwqhybjgmvblnvjdwtynvmqwnwvdfj_zspsbmprflkrwmwddrmzz.gif
b39049.efeedbacktrk.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b39049.efeedbacktrk.com
URL: https://b39049.efeedbacktrk.com/wddvmtgdtlwbkgstbwqhybjgmvblnvjdwtynvmqwnwvdfj_zspsbmprflkrwmwddrmzz.gif

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FB object| __buffer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.info2.eaglefinancialpublications.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: CEAC387ECA8AC0CC94D209437838E40A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b39049.efeedbacktrk.com
ci3.googleusercontent.com
click1.info2.eaglefinancialpublications.com
connect.facebook.net
d2r7cfber3va4h.cloudfront.net
lh7-rt.googleusercontent.com
b39049.efeedbacktrk.com
2600:9000:26db:ce00:0:9845:40:93a1
2a00:1450:4001:808::2001
2a00:1450:4001:829::2001
2a03:2880:f083:100:face:b00c:0:3
74.214.203.11
3d6456c47706354e61eb81131771feb690a10246ee775c90b0939b6e83a57c5e
4437ee2f0da8eaefdd40c22f580bfc4ec6c9ea7745e8eaed51c7ff37bd472a50
7b98920f240028588bc659737f6ee705c68dc620ac2579f6266cc8aaf725830d
7c744132c5e8140250bcd560417eb7a66e121aa517e30a9b8771f6ca17f7cb80
a56d105e9273e6d9be48879a7ca69fb696af0ef3391db3f4526afeee1a62955d
c74ec1645fef0f7b899725b13c4f99fabfa235f252beda8c188daad181dc6a93
ecba86e49383504c58fd380aa7e232834164ec3786f8cd8c1f0dbd84b8d3106f
f384953d179b36e19af1c35b101245196efa72f3326be5bdc2044304ef071a6b

click1.info2.eaglefinancialpublications.com Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

36 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

774 kBTransfer

1275 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

click1.info2.eaglefinancialpublications.com Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

36 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

774 kB
Transfer

1275 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions